package com.gome.security.util;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import org.bouncycastle.util.encoders.Base64;

import sun.misc.BASE64Encoder;

public class SignUtil {
//	public static PrivateKey genPrivateKey(byte[] key) {
//		PrivateKey pk = null;
//		try {
//			PKCS8EncodedKeySpec peks = new PKCS8EncodedKeySpec(key);
//			KeyFactory kf = KeyFactory.getInstance("RSA");
//			pk = kf.generatePrivate(peks);
//		} catch (Exception e) {
//			return null;
//		}
//		return pk;
//	}

	public static byte[] sign(PrivateKey pk, byte[] data) {
		byte[] sb = (byte[]) null;
		try {
			Signature sig = Signature.getInstance("SHA1withRSA");
			sig.initSign(pk);
			sig.update(data);
			sb = sig.sign();
		} catch (Exception e) {
			return null;
		}
		return sb;
	}

//	public static X509Certificate genCertificate(byte[] certData) {
//		ByteArrayInputStream bais = new ByteArrayInputStream(certData);
//		X509Certificate cert = null;
//		try {
//			CertificateFactory cf = CertificateFactory.getInstance("X.509");
//			cert = (X509Certificate) cf.generateCertificate(bais);
//		} catch (Exception e) {
//			return null;
//		}
//		return cert;
//	}

	public static boolean verify(PublicKey cert, byte[] plain,byte[] signData) {
		try {
			Signature sig = Signature.getInstance("SHA1withRSA");
			sig.initVerify(cert);
			sig.update(plain);
			return sig.verify(signData);
		} catch (Exception e) {
		}
		return false;
	}

	public static void main(String[] args) throws Exception {
		// PrivateKey priKey =
		// JKSUtil.getPriKeyFromKS("E:\\workspace\\wfjnet\\resource\\certs\\amazon_batch.keystore",
		// "123456", "amazon_batch", "123456");
		// 读取keystore文件到KeyStore对象
		FileInputStream in = new FileInputStream("d:/keydsa/cmpay.keystore");
		KeyStore ks = KeyStore.getInstance("JKS");// JKS: Java Key
		ks.load(in, "123456".toCharArray());
		in.close();
		// 从keystore中读取证书和私钥
		String alias = "rb"; // 记录的别名
		String pswd = "123456"; // 记录的访问密码
		PrivateKey priKey = (PrivateKey) ks.getKey(alias, pswd.toCharArray());
		String data = "";
		byte[] en_data = SignUtil.sign(priKey, data.getBytes());
		System.out.println(new String(Base64.encode(en_data)));
		
		
		
		
		CertificateFactory of;
		String bv = null;
		PublicKey puk = null;
		try {
			of = CertificateFactory.getInstance("x.509");
			FileInputStream ins = new FileInputStream("D:/keydsa/gomerb.cer");
			X509Certificate Cert = (X509Certificate) of.generateCertificate(ins);
			puk = Cert.getPublicKey();
			BASE64Encoder bs = new BASE64Encoder();
			bv = bs.encode(puk.getEncoded());
		} catch (Exception e) {
			e.printStackTrace();
		}
		// PublicKey pubKey =
		// JKSUtil.getPubKeyFromCRT("E:\\workspace\\wfjnet\\resource\\certs\\amazon_batch.crt");
		// String signData =
		// "MQDj+v3rhnla2CzMV/LYBhJftYDV7FteVN6GO+STwnn8yd72idUaFxAarRKPgvqwy0kQaBAcChWImdSBr5I8m6H2X55eiK9p89YangXwj3BxIQPcXVem1fxA8+4YHVur5idIt0/UYx+aEJ0zfTRQMRABo5v2DHYqed/VIbs5e8275VfISJXUDUJeeUN+s67AgQ/p14MjL1GyPTa2QrzvtBgrPoV0Lvc0FTCls2NRW8qtoagn6G09wTk2zod+5IM2i2HPVWQMhw9pCH57Qa38Yf6GyMyRJWtI/j2fqcMgYmZSSl8k2mfPFu1ALavnB6PFu2S2hZBxKXRlQDYhIVXKQg==";
		boolean signBoolean = SignUtil.verify(puk, data.getBytes(), en_data);
		System.out.println(signBoolean);
	}
	
	
	
	
	
	
	
	
	
	
	
	
	
	
}